Sample viewer

vx.netlux.org/Virus.DOS.Ntit.1254

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:34.227030333Z	26	PC: 12ea2 \| Set disk transfer address
2018-12-17T22:30:34.228861147Z	78	PC: 12eac \| Find first file
2018-12-17T22:30:34.236371509Z	61	PC: 12eb8 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:34.243921256Z	66	PC: 12ecf \| Move file pointer
2018-12-17T22:30:34.246038237Z	63	PC: 12ee0 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:30:34.254415727Z	67	PC: 12d0f \| Get or set file attributes
2018-12-17T22:30:34.272349543Z	61	PC: 12d19 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:34.279537295Z	66	PC: 12d32 \| Move file pointer
2018-12-17T22:30:34.281574348Z	66	PC: 12d4e \| Move file pointer
2018-12-17T22:30:34.283065845Z	63	PC: 12d60 \| Read file or device (Read 407 bytes on handle 6)
2018-12-17T22:30:34.285814081Z	66	PC: 12d75 \| Move file pointer
2018-12-17T22:30:34.287921336Z	64	PC: 12d82 \| Write file or device (Write 407 bytes on handle 6)
2018-12-17T22:30:34.296838544Z	66	PC: 12e2e \| Move file pointer
2018-12-17T22:30:34.298411869Z	64	PC: 12e3c \| Write file or device (Write 500 bytes on handle 6)
2018-12-17T22:30:34.301962952Z	66	PC: 12e2e \| Move file pointer
2018-12-17T22:30:34.303498587Z	64	PC: 12e3c \| Write file or device (Write 500 bytes on handle 6)
2018-12-17T22:30:34.312883661Z	66	PC: 12e04 \| Move file pointer
2018-12-17T22:30:34.31486964Z	64	PC: 12e11 \| Write file or device (Write 254 bytes on handle 6)
2018-12-17T22:30:34.324214586Z	66	PC: 12e58 \| Move file pointer
2018-12-17T22:30:34.326668721Z	64	PC: 12e69 \| Write file or device (Write 2 bytes on handle 6)
2018-12-17T22:30:34.340997953Z	62	PC: 12e74 \| Close file
2018-12-17T22:30:34.35250542Z	67	PC: 12e84 \| Get or set file attributes
2018-12-17T22:30:34.364841426Z	87	PC: 12e98 \| Get or set file date and time
2018-12-17T22:30:34.3684395Z	9	PC: 12a47 \| Display string (String= ' FAST PRESS, Written by Plus Lin NTIT')